this post was submitted on 29 Aug 2024
108 points (96.6% liked)

Rust

5938 readers
1 users here now

Welcome to the Rust community! This is a place to discuss about the Rust programming language.

Wormhole

[email protected]

Credits

  • The icon is a modified version of the official rust logo (changing the colors to a gradient and black background)

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 13 points 2 months ago (2 children)

What exactly is the "nontechnical nonsense" he’s complaining about?

[–] [email protected] 54 points 2 months ago* (last edited 2 months ago)

In summary, a bunch of 60 year old C developers with social deficits hijacking the conversation when he gives a talk or tries to get anything done. E.g. the link was people interrupting a QA session to complaining "I don't want to learn Rust".

[–] [email protected] 37 points 2 months ago (1 children)

There is a video linked in the article for context:

https://youtu.be/WiPp9YEBV0Q?t=1529

If I try to interpret the context, it could be C programmers just being negative to Rust because it is not C, that there is a conception of Rust programmers trying to enforce Rust on others, or that Rust programmers will break things.

[–] [email protected] 5 points 2 months ago (4 children)

Behind all the negative tone there is a valid concern though.

If you don't know Rust, and you want to change internal interfaces on the C side, then you have a problem. If you only change the C code, the Rust code will no longer build.

This now brings an interesting challenge to maintainers: How should they handle such merge requests? Should they accept breakage of the Rust code? If yes, who is then responsible for fixing it?

I personally would just decline such merge requests, but I can see how this might be perceived as a barrier - quite a big barrier if you add the learning cliff of Rust.

[–] [email protected] 22 points 2 months ago* (last edited 2 months ago) (1 children)

That seems based on the same misconception as the whole "fighting the compiler" view on Rust, namely that other languages are better because they let you get away with not thinking through the problems in your code up front. I am not surprised that this view is common in the C world which is pretty far on the end of the spectrum that believes that they are a "sufficiently disciplined programmer" (as opposed to the end of the spectrum that advocates for static checks to avoid human mistakes).

The problem you mention is fundamentally no different from e.g. changing some C internals in the subsystem you know well and that leads to breakage in the code in some other C subsystem you don't know at all. The only real difference is that in C that code will break silently more likely than not, without some compiler telling you about it. The fact that the bit you know well/don't know well is the language instead of some domain knowledge about the code is really not that special in practical terms.

[–] [email protected] 9 points 2 months ago (1 children)

That's a very good point. I hadn't considered potential lack of domain knowledge at all. In that case Rust might even help, because it's easier to write interfaces that can't be used wrong - so that even someone without the needed domain knowledge might be able to fix compile issues without breakage.

[–] [email protected] 12 points 2 months ago

See also Asahi Lina's thread on this, which explicitly says that Rust is one reason why their drivers cause fewer kernel panics than others: https://vt.social/@lina/113045456734886438

[–] [email protected] 15 points 2 months ago (3 children)

Ask the Rust maintainers to fix it presumably? The antagonist in the video above claimed there are 50 filesystems in Linux. Do they really fix all 50 filesystems themselves when they change the semantics of the filesystem API? I would be very surprised. I suspect what actually happens currently is either

  1. They actually don't change the semantics very often at all. It should surely be stable by now?
  2. They change the semantics and silently break a load of niche filesystems.

I mean, the best answer is "just learn Rust". If you are incapable of learning Rust you shouldn't be writing filesystems in C, because that is way harder. And if you don't want to learn Rust because you can't be bothered to keep up with the state of the art then you should probably find a different hobby.

These "ooo they're trying to force us to learn Rust" people are like my mum complaining you have to do everything online these days "they're going to take away our cheque books!" 🙄

[–] [email protected] 3 points 2 months ago (1 children)

At some point, reading kernel code is easier than speculating. The answer is actually 3. there are multiple semantics for filesystems in the VFS layer of the kernel. For example, XFS is the most prominent user of the "async" semantics; all transactions in XFS are fundamentally asynchronous. By comparison, something like ext4 uses the "standard" semantics, where actions are synchronous. These correspond to filling out different parts of the VFS structs and registering different handlers for different actions; they might as well be two distinct APIs. It is generally suspected that all filesystem semantics are broken in different ways.

Also, "hobby" is the wrong word; the lieutenant doing the yelling is paid to work on Linux and Debian. There are financial aspects to the situation; it's not solely politics or machismo, although those are both on display.

[–] [email protected] 3 points 2 months ago

Well that just sounds insane. Isn't the whole point of an abstracted API that you can write code for it once and it works with all of the implementations?

[–] [email protected] 3 points 2 months ago (1 children)

I would be very surprised if they wouldn't fix all 50 filesystems.

In all projects I have worked on (which does not include the Linux kernel) submitting a merge request with changes that don't compile is an absolute no-go. What happens there is, that the CI pipeline runs, fails, and instead of a code review the person submitting the MR gets a note that their CI run failed, and they should fix it before re-opening the MR.

[–] [email protected] 6 points 2 months ago

submitting a merge request with changes that don’t compile is an absolute no-go.

Right but unless the tests for all 50 filesystems are excellent (I'd be surprised; does Linux even have a CI system?) then the fact that you've broken some of them isn't going to cause a compile error. That's what the linked presentation was about! Rust encodes more semantic information into the type system so it can detect breakages at compile time. With C you're relying entirely on tests.

[–] [email protected] 2 points 2 months ago

Breaking that kind of API probably breaks users pace. Linus is very vocal about breaking userpace.

[–] [email protected] 12 points 2 months ago (1 children)

From what I understood, the Rust devs weren't asking to change the interface, only to properly document it, and asked the kernel devs to cooperate with them so that Rust for Linux doesn't break without warning.

[–] [email protected] 14 points 2 months ago

The Rust devs were trying to say they were fine if the Rust code ends up breaking, and they would take care of it. But they got talked over but the kernel dev.

[–] [email protected] 8 points 2 months ago

IMO, if a developer finds Rust too difficult to learn, they probably shouldn't be writing kernel code in the first place.